CVE-2014-4660
Published: 20 February 2020
Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb http://user:pass@server:port/" format.
From the Ubuntu Security Team
It was discovered that Ansible created filenames containing sensitive information. An attacker could use this vulnerability to obtain unauthorized access to a private Ubuntu repository.
Priority
Status
Package | Release | Status |
---|---|---|
ansible Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(1.6.5+dfsg-1)
|
bionic |
Not vulnerable
(1.6.5+dfsg-1)
|
|
cosmic |
Not vulnerable
(1.6.5+dfsg-1)
|
|
disco |
Not vulnerable
(1.6.5+dfsg-1)
|
|
eoan |
Not vulnerable
(1.6.5+dfsg-1)
|
|
focal |
Not vulnerable
(1.6.5+dfsg-1)
|
|
impish |
Not vulnerable
(1.6.5+dfsg-1)
|
|
lucid |
Does not exist
|
|
precise |
Does not exist
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Released
(1.5.4+dfsg-1ubuntu0.1~esm2)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
upstream |
Released
(1.5.5+dfsg-1)
|
|
utopic |
Not vulnerable
(1.6.5+dfsg-1)
|
|
vivid |
Not vulnerable
(1.6.5+dfsg-1)
|
|
wily |
Not vulnerable
(1.6.5+dfsg-1)
|
|
xenial |
Not vulnerable
(1.6.5+dfsg-1)
|
|
yakkety |
Not vulnerable
(1.6.5+dfsg-1)
|
|
zesty |
Not vulnerable
(1.6.5+dfsg-1)
|
|
groovy |
Not vulnerable
(1.6.5+dfsg-1)
|
|
hirsute |
Not vulnerable
(1.6.5+dfsg-1)
|
|
jammy |
Not vulnerable
(1.6.5+dfsg-1)
|
|
Patches: upstream: https://github.com/ansible/ansible/commit/c4b5e46054c74176b2446c82d4df1a2610eddc08 |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.5 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |